Articles about Malware

Reminder: Spies, cops don't need to crack WhatsApp. They'll just hack your smartphone

Police in Germany will forego seeking decryption keys for secure messaging apps, like WhatsApp, and instead simply hack devices to snoop on suspects. Given the grumblings coming from Australia, the UK, and other Five Eyes states about encrypted messaging, we suspect these nations will follow suit – if they're not there already …
Shaun Nichols, 26 Jul 2017

No one still thinks iOS is invulnerable to malware, right? Well, knock it off

The comforting notion that iOS devices are immune to malicious code attacks has taken a knock following the release of a new study by mobile security firm Skycure. Malicious mobile apps in Apple's App Store are mercifully rare (XcodeGhost aside) compared to the comparative "Wild West" of the Google Play store, which has come …
John Leyden, 20 Jul 2017

Remember that Citadel bank-slurping malware? Its main man was just jailed for five years

Russian programmer Mark Vartanyan has been sentenced to five years in US federal prison for developing and spreading the Citadel malware that stole $500m (£383m) from bank accounts around the world. Citadel is a variant of the Zeus banking Trojan, the source code of which leaked online in 2011. These software nasties could …
Iain Thomson, 20 Jul 2017

Targeted, custom ransomware menace rears its ugly head

Attackers are manually deploying ransomware directly into target networks to maximise the damage and potential payout. Unlike "spray-and-pray" attacks such as WannaCrypt, which hit victims at random, targeted attacks that manually execute the ransomware enable criminals to ensure they have locked mission-critical files that …
John Leyden, 19 Jul 2017

Sleuths unearth 'Panic Mode' in Android, set off by mashing back button

The phone sleuths at XDA-Developers have unearthed a handy undocumented feature in the latest version of Android. Phones running Nougat 7.1.1 are able to invoke a "panic button" by pressing the back key four times. It's in the AOSP source code for the Android Window Manager. Panic mode returns the user to the home screen, …
Andrew Orlowski, 13 Jul 2017

Biometric data stolen from corporate lunch rooms system

A US payment kiosk vendor has been stung by malware scum. Avanti Markets helps employers monetise the lunch-room and get rid of counter-service, going beyond a simple vending machine to cover the whole sandwiches-fruit-drinks-junk-food with one payment system. Last week, as first spotted by Brian Krebs, the company posted …

Fast-spreading CopyCat Android malware nicks pennies via pop-up ads

A powerful and fast-spreading Android malware strain dubbed CopyCat has infected 14 million Android devices. CopyCat is primarily designed to generate and steal ad revenues. It does this by rooting compromised devices and establishing persistence. Injecting code into Zygote – a daemon responsible for launching apps in the …
John Leyden, 7 Jul 2017

Nothing could protect Durex peddler from NotPetya ransomware

The owner of the Dettol brand and Durex condoms could be left millions out of pocket after falling victim to the NotPetya ransomware last week. The malware attack, which centred on Ukraine but also affected several multinationals worldwide, disrupted production and deliveries at UK-based Reckitt Benckiser, a consumer goods …
John Leyden, 6 Jul 2017

Brit teen accused of running malware factory and helpdesk for crims

A British teenager is accused of flogging and supporting malware used to launch distributed denial-of-service attacks against top multinationals. Jack Chappell, 18, from Stockport in Cheshire, appeared before Manchester magistrates on Tuesday charged with impairing the operation of computers under the UK's Computer Misuse Act …
Iain Thomson, 5 Jul 2017

For all the chaos it sows, fewer than 1% of threats are actually ransomware

Ransomware dominated the threat landscape last year even though file-encrypting nasties made up less than one in a hundred examples of different Windows malware during 2016. The mode of action and damage created by file-encrypting trojans makes them a much greater threat than implied by a consideration of the numbers, …
John Leyden, 4 Jul 2017

Spies do spying, part 97: The CIA has a tool to track targets via Wi-Fi

The latest cache of classified intelligence documents dumped online by WikiLeaks includes files describing malware the CIA apparently uses to track PCs via Wi-Fi. The Julian Assange-led website claims the spyware, codenamed ELSA, infects a target's Windows computer and then harvests wireless network details to pinpoint the …
Shaun Nichols, 29 Jun 2017

Virus (cough, cough, Petya) goes postal at FedEx, shares halted

FedEx has suspended trading of its shares on the New York stock exchange after admitting that its subsidiary TNT Express has been hit by "an information system virus." The big package giant said no information had been stolen by the cyber-nasty and only some offices of TNT Express appear to have been disrupted. After yesterday …
Iain Thomson, 28 Jun 2017

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

Analysis It is now increasingly clear that the global outbreak of a file-scrambling software nasty targeting Microsoft Windows PCs was designed not to line the pockets of criminals, but spread merry mayhem. The malware, dubbed NotPetya because it masquerades as the Petya ransomware, exploded across the world on Tuesday, taking out …
Iain Thomson, 28 Jun 2017

WikiLeaks doc dump reveals CIA tools for infecting air-gapped PCs

WikiLeaks has published online more top-secret documents it has obtained from the CIA describing the agency's hacking tools. This time the dossier details software codenamed Brutal Kangaroo that agents can use to infect targets' air-gapped computers with malware. The documents, originally written on May 11, 2015 and revised on …
Iain Thomson, 22 Jun 2017

Honda plant in Japan briefly stops making cars after fresh WannaCrypt outbreak

Honda said today that it had briefly halted operations at a car plant in Sayama, Japan earlier this week because of the infamous WannaCrypt ransomware. The Japanese car maker halted production for one day at a domestic vehicle plant on Monday after finding samples of the WannaCrypt ransomware in its computer network, Reuters …
John Leyden, 21 Jun 2017

It's 2017, and UPnP is helping black-hats run banking malware

Another banking malware variant has been spotted in the wild, and it's using UPnP to pop home routers to expose unsuspecting home users, recruited as part of the botnet. McAfee Labs says the new campaign uses a variant of the ancient “Pinkslipbot”, and says it uses Universal Plug'n'Play (UPnP) to open ports through home …

If you haven't already obliterated your Jaff-infected comp, there is an antidote available

Security researchers have developed a free decryption tool for victims of the Jaff ransomware, meaning they can regain access to files without paying crooks. The utility – developed by boffins at Kaspersky Lab – works on all variants released to date. Of course there is still the possibility that the criminals behind Jaff …
John Leyden, 15 Jun 2017

Don't all rush out at once, but there are a million devices ripe to be the next big botnet

A wormable vulnerability involving an estimated one million digital video recorders (DVR) is at risk of creating a Mirai-style botnet, security researchers warn. UK-based security consultancy Pen Test Partners said that the issue stems from a zero-day (unpatched) flaw in networking software from Chinese manufacturer XiongMai …
John Leyden, 15 Jun 2017
